May 22, 2019 | Bob Covello

If you confuse them, you lose them.

I was watching a wonderful webcast by Marie Forleo.  It was part of her “Copy Cure” course, and if you are unfamiliar with Marie and her work, take the time to explore some of her wisdom.  Her webcasts are gems, particularly if you work in the consulting space. During the webcast she mentioned a phrase that…

May 21, 2019 | Devin Morrissey

The future of stock market analysis

Image Source: Pexels Stock sales and trading play a huge role in the U.S. and global economy. Stock exchanges provide the backbone to the economic infrastructure of our nation, as they help companies to expand when they’re ready by offering the general public a chance to invest in company stock. However, investing in the stock market can…

Get the latest security news in your inbox.

Subscribe via Email

May 20, 2019 | Fernando Martinez

Adversary simulation with USM Anywhere

By Fernando Martinez and Javier Ruiz of AT&T Alien Labs. In our previous blog, we analyzed how it is possible to map malware threats using the MITRE ATT&CK™ framework. In this blog, we will test the USM Anywhere platform against red team techniques and adversary simulations. We performed this analysis as part of our continuous…

May 15, 2019 | Karoline Gore

Critical Cyber Security features that your business needs to survive

Recent statistics show that 60% of businesses are forced to suspend operations after a cyber-attack are never able to reopen for business. This is largely due to revenue lost due to downtime as well as damage to the company’s reputation. The good news is that most of these threats can be mitigated with reliable cybersecurity. When…

May 14, 2019 | Kate Brew

Confidence: the perception and reality of cybersecurity threats

At RSA 2019, we conducted a survey that netted 733 respondents along with interviews between Javvad Malik, former security advocate at AT&T Cybersecurity, and security experts. The full results are in his comprehensive and informative research report. Following are a few highlights: Internal threats Phishing is the clear “winner” here. At 29%, nearly a third cited phishing as the…

May 10, 2019 | Chris Doman

Sharepoint vulnerability exploited in the wild

The CVE-2019-0604 (Sharepoint) exploit and what you need to know AT&T Alien Labs has seen a number of reports of active exploitation of a vulnerability in Microsoft Sharepoint (CVE-2019-0604). One report by the Saudi Cyber Security Centre appears to be primarily targeted at organisations within the kingdom. An earlier report by the Canadian Cyber Security Centre…

May 8, 2019 | Kelley Bryant

The art of pushing left in application security

Today, software is being developed at a breakneck speed. Agile development and the aggressive adoption of DevOps is leading to an abundance of functionality and feature sets, or pieces of code pushed out to consumers at a record pace.  These one-click opportunities may indeed get us what we want, however, the game remains the same. The Achilles Heel is…

May 7, 2019 | Javvad Malik

What does the CISO say? A Tweetchat roundup

Note from the editor: Javvad has left AT&T Cybersecurity, but on his last day he penned a final blog, recapping the awesome tweet chat we had with all star CISO's. Here is Javvad's heroic working-the-last-day blog: On 18th April 2019, @ATTCyber gathered a panel of CISOs (and recovering CISOs) for a tweetchat to discuss some of the…

May 6, 2019 | Bob Covello

Don’t focus 100% on security

In recent months, I have met many people who are interested in working in Cybersecurity.  This is wonderful, especially given the amount of available employment opportunities in this field. Like any ambitious person, the people who approach me to ask about getting into the field want to fully immerse themselves in “all things security”.  This is…

May 2, 2019 | James Quinn

Reversing Gh0stRAT part 2: the DDOS-ening

This is a guest post James Quinn, a SOC analyst from Binary Defense. In Part 1 of the Reversing Gh0stRAT series, we talked about a partial Gh0stRAT variant which used an encryption algorithm to hide its traffic.  In part 2, we will be talking about a much more complete Gh0stRAT sample which allows a hacker to take total…

May 1, 2019 | Tawnya Lancaster

Who’s phishing in your cloud? And, some suggestions for detecting it

An example of how to detect platform or service attacks Oh, the places we go . . . with apps in the cloud.   A comprehensive, six-month study released by Proofpoint, in March reports that (oh, to our surprise), attackers are “leveraging legacy protocols and credential dumps to increase the speed and effectiveness of brute …

April 30, 2019 | Katia Dean

What everybody ought to know about mentoring in InfoSec

It seems like everyone wants to get into the field of cyber security. Regarding this, having a mentor is important for your cyber career. A mentor is known to be knowledgeable in the field, will guide you along your path providing direction from what they have learned and motivate you throughout your career. When I set out on this path,…

Watch a Demo ›
Get Price Free Trial